Oct 13, 2021
Password security is an essential component of keeping organizational data secure. However, more often than not, it is common to find that users do not do the greatest job of adhering to password guidelines and best practices. In fact, recent studies confirm that a vast majority of cybersecurity breaches occur due to weak or compromised passwords. This is why multi-factor authentication, or MFA, is quickly becoming the new norm for authenticating accounts and keeping data secure.
Multi-factor authentication (MFA) is an authentication method that requires users to provide two or more points of verification to gain access to data via applications, accounts, or other resources. Rather than relying on a static, often user-generated, username and password, MFA methods call for at least one additional verification factor, which makes it more challenging for cybercriminals to breach secure data.
Any multi-factor authentication method will employ at least one of these three elements: knowledge, possession, and inherence. Knowledge refers to something you must know, possession refers to something that you have, and inherence refers to parts of your identity. So for example, some methods of authentication will call for a PIN or code—or knowledge—to grant secure access. Other methods might require the use of your cell phone (possession) or even your fingerprint (inherence).
Earlier this year, Google, the most widely used email service to date with 1.8 billion active users globally, announced that they will be making MFA a requirement for all users. Google, who already offered two-step verification, or 2SV, as an option, shared that it will now make this an automatic process for any Google account user looking to access their account.
“In 2020, searches for “how strong is my password” increased by 300%. Unfortunately, even the strongest passwords can be compromised and used by an attacker – that’s why we invested in security controls that prevent you from using weak or compromised passwords,” shared Mark Risher, Director of Product Management, Identity and User Security, on the company’s blog. "One of the best ways to protect your account from a breached or bad password is by having a second form of verification in place."
Though Google has standardized its own method of two-step verification, there are multiple methods of MFA that your organization can employ to keep your data safe. Some are more secure than others.
Regardless of the types of authentication methods an organization implements, flaws in configuration and other errors can leave room for cybercriminals to break through MFA security measures. This is why hundreds of organizations, large and small, partner with Milner’s managed IT team to ensure that their organization’s data remains secure, even as cybercriminals become more sophisticated.
If you’re interested in ensuring that your organization’s password practices measure up to today’s new standard for authentication, grade yourself using our Password Report Card, or reach out to our team to find out how we can help you keep your organization’s data secure.